package com.example.springsecurityoauthdemo.controller;

import org.springframework.security.access.annotation.Secured;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
public class UserController {

    @GetMapping("/hello")
    public String hello(){
        return "hello";
    }

    @GetMapping("/index")
    public String index(){
        return "index";
    }

    @GetMapping("/test")
    public String test(){
        return "test";
    }

    @GetMapping("/update")
//    @Secured({"ROLE_sale","ROLE_admin"})
//    @Secured({"ROLE_sale"})
    @PreAuthorize("hasAnyAuthority('update')")
    public String update(){
        return "update";
    }
}
